We compared Qualys VMDR and Rapid7 InsightVM based on our users reviews in six parameters. After reading the collected data, you can find our conclusion below:
The setup process for Qualys VMDR was considered simple and quick, with users reporting it taking anywhere from a few minutes to a couple of days. However, there were some difficulties mentioned regarding integration and data privacy. Despite these challenges, the overall feedback on the setup was positive. On the other hand, the initial setup for Rapid7 InsightVM had mixed experiences. While some users found it easy and completed it within an hour or a few hours, others faced difficulties and it took them several months, even with professional assistance. The ease of setup was generally rated between three to five out of five.
Qualys VMDR is notable for its effective prioritization system, ongoing monitoring, adaptable dashboard, and extensive vulnerability overview. On the other hand, Rapid7 InsightVM stands out for its efficient scan engine installation, precise scanning, customizable dashboards, and risk scoring.
Both Qualys VMDR and Rapid7 InsightVM have areas that could be improved. Qualys VMDR could enhance user experience and UI design, improve SLA tracking and batch prioritization, integrate with other products, and improve reporting. On the other hand, Rapid7 InsightVM needs better integration, enhanced reporting, improved user-friendliness, and stronger customer support.
The cost of setting up Qualys VMDR can differ based on required features, with reviewers finding it reasonably priced or competitive. However, there are extra charges for specific features. In contrast, Rapid7 InsightVM is generally considered to be more expensive, but some users find the pricing reasonable because of the flexibility in defining assets and sites.
Qualys VMDR is praised for its positive impact on ROI, effectively mitigating risks and enhancing cybersecurity. Nonetheless, there are apprehensions regarding rising expenses. On the other hand, Rapid7 InsightVM is highly regarded for its outstanding ROI, effectively thwarting cyber attacks and delivering substantial value. While some reviewers perceive the ROI as satisfactory, others consider it to be moderate.
The customer service for Qualys VMDR has received both positive and negative feedback. Some customers appreciate the convenience of accessing a global team and the implementation of suggested improvements. However, there are concerns about the response time and the expertise of the support personnel. In contrast, Rapid7 InsightVM's support is generally regarded as good, with well-informed technical assistance. Nonetheless, there have been instances of delayed response time.
Comparison Results
Based on the reviews, Qualys VMDR offers a simple and convenient setup process, along with a strong prioritization system and valuable features. However, it requires enhancements in user experience, integration, reporting, and pricing. On the other hand, Rapid7 InsightVM also provides an easy setup, valuable features like scan engines and customizable dashboards. It could benefit from improved integration, reporting, user-friendliness, and customer support. Qualys VMDR seems to have an advantage in prioritization and comprehensive vulnerability management, while Rapid7 InsightVM may excel in scan optimization and remediation management.
"Technical support is fantastic."
"Performs automated, regular scans in the network."
"I am impressed with the VMDR feature."
"It's really beneficial for scanning and interacting with the agent."
"Monitors workstations and servers for vulnerabilities and creates reports."
"It's very configurable to adjust impact to systems."
"I like that we have many scanners and channels that don't overload. It helps us scan and track easily. Also, the tagging system is good for tagging. We can still use QualysAgent task ID tools even if tags aren't made."
"It gives a very good overview of the inventory assessment process, and it can be accessed across our company because it's a global tool."
"The assessment is most valuable."
"The pricing is reasonable."
"It's a relevant management tool."
"This solution is much more user-friendly than past solutions I have used."
"The most valuable feature for me is the risk calculation based on monthly effects."
"There are many integrations with things like the VMware NSX that are great, the reporting is really solid."
"The most valuable features of Rapid7 InsightVM are the accurate level of scanning and the workflows are good."
"The most valuable features are its reporting capabilities and the host discovery functionality."
"The reporting and the GUI need improvements."
"Make some minimal dashboard improvements."
"I would like to see this solution simplified to work more easily in a multi-cloud environment."
"Qualys VMDR is basically susceptible to false positives, and false negatives."
"Some of the older features could be polished instead of focusing on releasing new features."
"It would be nice to have an all-in-one solution that was automated and could handle the scanning and reports as well as the patching and updating."
"This solution could be improved by extending the agent capabilities to different operating systems including Mac and Linux. We would also like the capability to easily check for vulnerability in assets in the IOTs."
"There seems to be a lack of easy onboarding into Qualys."
"One area I would like to improve in InsightVM is its integration with other solutions."
"I would say that it improved our visibility, but it left things open."
"This solution creates false-positives which can cause issues with reporting."
"The solution should include a tighter integration with third-party threat modeling and threat intelligence tools."
"The authentication scan is not working."
"In order to be able to properly test the solution and make a decision, I would like to receive the test license code instantly and eliminate the wait time."
"Patch management is the only missing feature I can think of. Rapid7 detects vulnerabilities, but it should also help you manage patches."
"We found that after you passed an endpoint, it didn't always reflect it in the next scan. I'm not sure if it was a glitch or some issue with the product's software. That was never clear. That was always an issue and something that definitely needed improvement."
Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews while Rapid7 InsightVM is ranked 4th in Risk-Based Vulnerability Management with 55 reviews. Qualys VMDR is rated 8.2, while Rapid7 InsightVM is rated 8.0. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Rapid7 InsightVM writes "You can scan a network, and receive recommendations to address vulnerabilities with the click of a button". Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Microsoft Defender Vulnerability Management, Tenable Vulnerability Management and Tanium, whereas Rapid7 InsightVM is most compared with Tenable Nessus, Tenable Security Center, Microsoft Defender Vulnerability Management, Rapid7 InsightIDR and Wiz. See our Qualys VMDR vs. Rapid7 InsightVM report.
See our list of best Risk-Based Vulnerability Management vendors.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.